I'm using Packages 1.1.3 - A short while ago I asked about code-signing a package, and was referred to using the command line with 'productsign'. Another user here emailed me and said that in Packages, I could "set the certificate" under the Project menu, and then it would automatically sign the package. So I did that, installed my Installer Certificate, and it certainly appears to work. Whether I sign it with the Packages certificate, or I sign it manually using productsign, using 'pkgutil --check-signature' displays the exact same information: "signed by a certificate trusted by Mac OS X" and the exact same fingerprints for all 3 certificates. So seemingly there is no difference between these two methods. I've also tested downloading and installing the auto-code-signed package from the internet onto a virgin VM, on 10.10, 10.11 and 10.12 and it certainly doesn't alert GateKeeper. So it seems to work just fine. Yet I see in the Packages documentation: "While Packages can see and use the Developer ID certificate, at the time of this writing, it does not produce a signed package or distribution that is seen as valid by Gatekeeper - a required intermediate certificate is missing -" "To work around this: * Do not sign the packages and distributions with the corresponding Packages feature. * Use the productsign <https://developer.apple.com/legacy/library/documentation/Darwin/Reference/ ManPages/man1/productsign.1.html> (1) tool that is installed with the Xcode tools (version 3.2.6 or later)." Since both of these methods seem to produce the same results with 'pkgutil', is the above information outdated and it's OK to use the auto-code-signing of the package by Packages? Thanks, - Stephen _______________________________________________ Do not post admin requests to the list. They will be ignored. Installer-dev mailing list (Installer-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/installer-dev/site_archiver%40lists.... This email sent to site_archiver@lists.apple.com